Security researchers have discovered a webmail server attack that enables attackers to steal corporate credentials and underlines the need for continuous monitoring.
The attack, which the researchers described as a new and unique advanced persistent threat (APT) technique, involves a malicious module loaded onto a webmail server.
Using a malicious dynamic link library (DLL) loaded into a company’s Outlook Web Application (OWA) server, attackers were able to record authentication credentials and gain complete backdoor capabilities, according to researchers at security firm Cybereason.
View full story